Presentation | 2005-07-21 A Proposal of Worm Detection System by Taking a Statistics of Series of Packets to Honeypot Maki KATAOKA, Yumiko ISHIGE, Nobutaka MANTANI, Humiharu OHASHI, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | A worm detection system tells us when an unknown worm occurs as well as its attributes. In the proposed system, traffic from the Internet to the honeypot is divided into a series of packets, which include some established TCP connections. The similarity between one series of packets and another are calculated by using the vector space model and the edit distance. As a result, we were able to know that how many times each incident happened and how similar each incident was to others incident. Finally, we were able to find some unknown worms and their attributes. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Computer Security Incident / Worm Detection / Vector Space Model / Edit Distance |
Paper # | ISEC2005-9,SITE2005-7 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2005/7/14(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A Proposal of Worm Detection System by Taking a Statistics of Series of Packets to Honeypot |
Sub Title (in English) | |
Keyword(1) | Computer Security Incident |
Keyword(2) | Worm Detection |
Keyword(3) | Vector Space Model |
Keyword(4) | Edit Distance |
1st Author's Name | Maki KATAOKA |
1st Author's Affiliation | National Security Business Unit, Public Business Sector, NTT Data Corporation() |
2nd Author's Name | Yumiko ISHIGE |
2nd Author's Affiliation | National Security Business Unit, Public Business Sector, NTT Data Corporation |
3rd Author's Name | Nobutaka MANTANI |
3rd Author's Affiliation | High-Tech Crime Technology Division, Information Communications Bureau, National Police Agency |
4th Author's Name | Humiharu OHASHI |
4th Author's Affiliation | High-Tech Crime Technology Division, Information Communications Bureau, National Police Agency |
Date | 2005-07-21 |
Paper # | ISEC2005-9,SITE2005-7 |
Volume (vol) | vol.105 |
Number (no) | 193 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |